Method for securely using a single password for multiple purposes

ABSTRACT

A method is presented that includes receiving input data. The method also includes determining if a salt value exists and generating a salt value and storing the salt value in a table entry if the salt value does not exist. The method further provides for retrieving the salt value from the table entry if the salt value exists and generating a hash from the salt value and the input data. The method also provides for generating a password from the hash and returning the password to an application to gain entry to the application. Also presented is a program storage device readable by a machine including instructions that cause the machine to perform similar to the method above.

BACKGROUND OF THE INVENTION

FIELD OF THE INVENTION

[0001] This invention relates to application password protection, and more particularly to a method of generating a plurality of passwords from a single strong password or passphrase that is not stored.

BACKGROUND INFORMATION

[0002] Many of today's software applications require users to enter a password. These applications may reside on a personal computer and/or a server that may be connected to a personal computer via a network. If a user uses a plurality of software applications that require the use of a password to gain entry, the user must either memorize many passwords, have these many passwords stored, or write them down. The passwords may be stored on the personal computer and/or the server where the software application resides. Some of these stored passwords may not be encrypted. Many users use the same or similar passwords, or a set of passwords, to ease the memory requirement. A problem with this scheme is that not all software applications use cryptographic means of protecting the passphrase or secret that is entered by the user. Thus, the users' passwords may be compromised.

[0003] Also, a compromise of a password (also known as a passphrase) to one application may allow all other applications that use the same password to be compromised. Further, the password is sometimes used in software applications, such as wrapping a cryptographic key, in which the user can be attacked with a brute force password search. For example, an adversary that obtains a wrapped cryptographic key can test if the correct password is found. Thus, if the password size is not too large, the adversary can search over all of the password space until the correct password is found. To protect against this theft, a large or complex password is necessary. The problem with having large complex passwords is that a user must now remember a plurality of long or complex passwords.

BRIEF DESCRIPTION OF THE DRAWINGS

[0004] The invention is illustrated by way of example and not by way of limitation in the figures of the accompanying drawings in which like references indicate similar elements. It should be noted that references to “an” or “one” embodiment in this disclosure are not necessarily to the same embodiment, and such references mean at least one.

[0005] FIG. 1 illustrates an embodiment of the invention having a client password generator.

[0006] FIG. 2 illustrates an embodiment of the invention having a table entry.

[0007] FIG. 3 illustrates an embodiment of the invention having a graphical user interface (GUI) for entering user information.

[0008] FIG. 4 illustrates an embodiment of the invention having a GUI for entering user information and selecting an application.

[0009] FIG. 5 illustrates an embodiment of the invention having a GUI for entering user information, selecting an application and displaying a generated password.

[0010] FIG. 6 illustrates a flow diagram of a process of an embodiment of the invention.

[0011] FIG. 7 illustrates a flow diagram of a process of an embodiment of the invention which also determines if a new strong password or passphrase is needed.

DETAILED DESCRIPTION

[0012] The invention generally relates to a method to allow application software users to use a single strong password or passphrase that is used to generate a plurality of individual passwords or passphrases for a plurality of software applications. Referring to the figures, exemplary embodiments of the invention will now be described. The exemplary embodiments are provided to illustrate the invention and should not be construed as limiting the scope of the invention.

[0013] FIG. 1 illustrates an embodiment of the invention comprising personal computer 100, client password generator 110, server 120, server cryptographic support services 150, client software manufacturer/developer 130, and software application(s) 115 and 140. Software applications 115 and 140 can be any software application requiring a password to enable entry. Software application 115 can run on server 120, where software application 140 can run on personal computer 100. It should be noted that software application 140 can also be run on other devices, such as personal digital assistants (PDAs), cellular telephones, and other similar portable devices. There may be many software applications 140 to be run on personal computer 100, and likewise for software application 115 on server 120. Client software application manufacturer 130 develops versions of client password generator 110.

[0014] In one embodiment, client password generator 110 contains random number generator (RNG) 205 to generate a salt value. RNG 205 may be any conventional RNG. A salt value may be generated for each software application. FIG. 2 illustrates table entry 200 having salt value entries 210 and application entries 220. Each application that uses a generated password (generated by client password generator 110) has an associated salt value entry 210. In another embodiment, salt value entries 210 are random values selected by each client software application developer 130.

[0015] In one embodiment, client password generator 110 prompts a user for a user identification and a strong password or passphrase. A strong password or passphrase is a password or passphrase that has enough entropy to prevent an adversary from easily determining the strong password or passphrase through a brute force password search over possible passwords. The user identification and strong password or passphrase can be entered from devices such as a keyboard, a voice activated system, or a computer pointing device. FIG. 3 illustrates one embodiment of graphical user interface (GUI) 300 that prompts a user to enter user identification (or username) 310 and strong password or passphrase 320. FIG. 4 illustrates an embodiment that prompts a user for user identification 310, strong password or passphrase 320, and application menu 430 to select an application the user desires to generate a password for. If an application does not exist in application menu 430, a user can enter the name of the new application in an application entry GUI (not shown). FIG. 5 illustrates an embodiment that prompts a user for user identification 310, strong password or passphrase 320, and application menu 430 to select an application the user desires to generate a password for, and returns a password for the selected application to generated password display 510. A user can then manually enter the generated password when prompted by an application requiring the password. In another embodiment, a plurality of strong passwords or passphrases can be used to generate application passwords that represent various security levels, such as confidential, secret and top secret.

[0016] In one embodiment, once client password generator 110 gets the user's strong password or passphrase entry and user identification, a salt value is retrieved for the specific application if it exists in table entry 200. If a salt value does not exist for the specific application for which the user desires a password to be generated, RNG 205 generates a salt value that is entered in table entry 200 and associated with the specific application.

[0017] Client password generator 110 uses the strong password or passphrase, user identification and salt value to generate an application specific password that is a hash of the strong password or passphrase, user identification and salt value. Standard hash algorithms can be used, such as the Secure Hash Algorithm (SHA-1) and the message digest algorithm (MD5). One should note that other hash algorithms can also be used. Once the hash is complete, an application specific password is returned. In one embodiment, the returned generated password is directly interfaced into the application requiring the password. The generated password may be temporarily stored on the platform each time the strong password or passphrase is entered and the application specific password is generated. The length of time that the generated password is temporarily stored is controlled by client password generator 110 in one embodiment. In another embodiment, a user inputs a predetermined time period for which the generated password may be stored, dependent on the platform, such as personal computer 100 or server 120.

[0018] In one embodiment, a hash function is selected to be slow. This is to slow down an adversary that is trying a brute force attack to determine what password hashes to a given value. The adversary must compute the slow hash function for every password that he searches, while the real user needs to only compute the hash function for the single password that he enters. Thus, by slowing down the hash function, a user can use a password with less entropy and achieve equivalent security. One embodiment of a slow hash function is to iterate a hash function multiple times.

[0019] In one embodiment, since the amount of entropy needed depends on the speed of the hash function, if a hash function requires 0.1 seconds to complete on a 1 Gigahertz processor computer, at least 40 bits of entropy is sufficient to ensure protection from a brute force attack by an adversary trying to determine a password in less than 1 million days of computing on 1 Gigahertz processor computers. One should note that other sizes of entropy may be used.

[0020] In another embodiment, client password generator 110 monitors activity on the platform where client password generator 110 is running for certain activity, such as amount of application use or logon data. In one embodiment, client password generator 110 determines if a generated password is stored on a platform. If the generated password is not stored on the platform, client password generator 110 prompts a user to enter a strong password or passphrase and input information to generate the application specific password. It should be noted that in one embodiment, a user can choose not to store the generated password on the platform running the client password generator. In this embodiment, client password generator 110 prompts the user for a strong password or passphrase and input information each time a password needs to be generated for an application to be entered.

[0021] FIG. 6 illustrates a flow diagram of an embodiment of the invention for client password generator 110 to generate an application password. Process 600 starts at operation 605 as a user executes client password generator 110. Next, operation 610 is executed, prompting a user for a strong password or passphrase and a user identification. Process 600 continues with operation 620 determining if a salt exists for the specific application. In one embodiment, operation 620 queries table entry 200 and searches for an application name and associated salt. If a salt does not exist for a selected application, operation 630 generates a salt for the selected application. After a salt is generated, in one embodiment operation 635 stores the salt in table entry 200. Process 600 then returns to operation 620, which now determines that a salt exists, and process 600 continues to operation 650. Operation 650 generates an application specific password that is a hash of the user identification, strong password or passphrase and the salt that is associated with the specified application. Process 600 then continues with operation 660 returning a generated password for the specified application.
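Process 600 as described in paragraphs [0016] through [0021], written out as an added example that is not part of the patent: an in-memory dictionary stands in for table entry 200, `secrets.token_bytes` for RNG 205, and PBKDF2-HMAC-SHA256 for the iterated slow hash of [0018]. The SHA-256 choice, the iteration count, the 16-character output and the `brute_force_days` check of the [0019] figures are all assumptions; the patent names only SHA-1 and MD5, which are no longer suitable for new designs.

```python
import base64
import hashlib
import secrets

ITERATIONS = 100_000    # assumed iteration count for the slow hash ([0018])
PASSWORD_CHARS = 16     # assumed length of the returned application password


def get_or_create_salt(salt_table: dict, application: str) -> bytes:
    """Operations 620/630/635: look the application up in the salt table
    (table entry 200) and create and store a random salt when none exists."""
    salt = salt_table.get(application)
    if salt is None:
        salt = secrets.token_bytes(16)      # RNG 205
        salt_table[application] = salt      # operation 635
    return salt


def slow_hash(user_id: str, strong_password: str, salt: bytes,
              iterations: int = ITERATIONS) -> bytes:
    """Operation 650: hash of user identification, strong password and salt.
    PBKDF2 is one instance of 'iterating a hash function multiple times'."""
    # Length-prefix each field so ("ab", "c") and ("a", "bc") cannot collide.
    material = b"".join(
        len(field).to_bytes(2, "big") + field
        for field in (user_id.encode(), strong_password.encode())
    )
    return hashlib.pbkdf2_hmac("sha256", material, salt, iterations, dklen=32)


def encode_password(digest: bytes, length: int = PASSWORD_CHARS) -> str:
    """Operation 660: turn the hash into a printable application password."""
    return base64.b64encode(digest).decode("ascii")[:length]


def generate_application_password(salt_table: dict, user_id: str,
                                  strong_password: str, application: str,
                                  iterations: int = ITERATIONS) -> str:
    """The whole of process 600 for one application. The strong password is
    used only here and never written to the table."""
    salt = get_or_create_salt(salt_table, application)
    return encode_password(slow_hash(user_id, strong_password, salt, iterations))


def brute_force_days(entropy_bits: int, seconds_per_hash: float) -> float:
    """Time for an adversary to try every password of the given entropy at the
    given cost per hash ([0019]): 40 bits at 0.1 s/hash is about 1.27M days."""
    return (2 ** entropy_bits) * seconds_per_hash / 86400


if __name__ == "__main__":
    table = {}   # constructed, in-memory stand-in for table entry 200
    master = "correct horse battery staple"   # constructed strong passphrase
    for app in ("mail", "bank", "mail"):      # "mail" twice: salt is reused
        print(app, generate_application_password(table, "alice", master, app))
    print(f"40 bits at 0.1 s/hash: {brute_force_days(40, 0.1):,.0f} days")
```

Because the salt lives only in the table and the strong password only in the user's head, an attacker holding the table alone has nothing to verify guesses against; an attacker holding one application's derived password learns nothing about the others.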

[0022] Occasionally, an application requiring a password may prompt a user to change the required password, or a user may choose an option on the application to change his password. In one embodiment, the application would require the old password and a new password. To generate the old password, client password generator 110 initiates process 600 with a request for the old password. To generate the new password, client password generator 110 initiates process 600 with a request for the new password.

[0023] FIG. 7 illustrates process 700 of an embodiment of the invention that adds operations 710 and 720 to process 600 illustrated in FIG. 6. Operation 710 determines if a new strong password or passphrase is required to be entered by a user. If a new strong password or passphrase is required, operation 720 prompts the user for a new strong password or passphrase and user identification. After the user enters this information, process 700 continues with operation 710.

[0024] In one embodiment, when the user changes his strong password, he will need to change passwords on all applications so the applications will all be using a password derived from the new strong password.

[0025] In one embodiment, an application profile is associated with each application and indicates if a new strong password or passphrase is being used for each application in table entry 200. In another embodiment, a field may be added to indicate the date a new strong password was entered. Since changing the passwords for all applications may be very time consuming, the user can choose to change some passwords at a later time. In one embodiment, client password generator 110 prompts the user for each application that has not yet used the new strong password or passphrase to generate an application specific password. The user is prompted to enter the old strong password or passphrase and then the new strong password or passphrase at this time.

[0026] In another embodiment, after the user has entered the new strong password, a computation is performed and the result stored that allows the client password generator to compute the old strong password from the new strong password. An example of this would be to encrypt the old strong password with the new strong password. In this case, the user would not need to enter the old strong password in order to change the password for each application. When an application requires both the old password and the new password for an application, the user would enter just his new strong password, and the client password generator would compute the old strong password, and then generate both the old and new passwords for that application.

[0027] In one embodiment, the user is prompted to occasionally change the strong password or passphrase. A user can choose a predetermined period of time to be reminded to change the strong password or passphrase. The embodiments of the invention allow users to only need to remember one strong password or passphrase while generating a plurality of application specific passwords. If an attacker were to compromise one password of a specific application, all other passwords for other applications are not compromised. Also, the strong password or passphrase is not stored. Also, operating systems and applications need not be modified for the above embodiments.

[0028] The above embodiments can also be stored on a device or medium and read by a machine to perform instructions. The device or medium may include a solid state memory device and/or a rotating magnetic or optical disk. The device or medium may be distributed when partitions of instructions have been separated into different machines, such as across an interconnection of computers.

[0029] While certain exemplary embodiments have been described and shown in the accompanying drawings, it is to be understood that such embodiments are merely illustrative of and not restrictive on the broad invention, and that this invention not be limited to the specific constructions and arrangements shown and described, since various other modifications may occur to those ordinarily skilled in the art.

What is claimed is:
 1. A method comprising: receiving input data; determining if a salt value exists; generating a salt value and storing the salt value in a table entry if the salt value does not exist; retrieving the salt value from the table entry if the salt value exists; generating a hash from the salt value and the input data; generating a password from the hash; and returning the password to an application to gain entry to the application.
 2. The method of claim 1, wherein the input data comprises a user identification and a strong password.
 3. The method of claim 2, wherein the input data further comprises an application identification.
 4. The method of claim 2, further comprising determining if a new strong password is required; and retrieving the new strong password if the new strong password is required.
 5. The method of claim 2, wherein the strong password is used to generate a plurality of application passwords.
 6. The method of claim 1, wherein the salt value is one of predetermined and generated by a random number generator.
 7. The method of claim 1, wherein the salt value and the application are associated in the table entry.
 8. The method of claim 1, wherein the application is run on one of a local computer system and a networked computer system.
 9. The method of claim 1, wherein one of a secure hash algorithm (SHA-1) and a message digest (MD5) algorithm is used to generate the hash.
 10. The method of claim 1, wherein the generated password is temporarily stored in a memory for a predetermined time period.
 11. The method of claim 10, wherein the predetermined time period is based on platform activity.
 12. The method of claim 11, wherein the platform is one of a local computer system and a networked computer system.
 13. A program storage device readable by a machine comprising instructions that cause the machine to: receive input data; determine if a salt value exists; generate a salt value and store the salt value in a table entry if the salt value does not exist; retrieve the salt value from the table entry if the salt value exists; generate a hash from the salt value and the input data; generate a password from the hash; and return the password to an application to gain entry to the application.
 14. The program storage device of claim 13, wherein the input data comprises a user identification and a strong password.
 15. The program storage device of claim 14, wherein the input data further comprises an application identification.
 16. The program storage device of claim 13, further comprising instructions that cause the machine to: determine if a new strong password is required; and retrieve the new strong password if the new strong password is required.
 17. The program storage device of claim 16, wherein the strong password is used by the machine to generate a plurality of application passwords.
 18. The program storage device of claim 13, wherein the salt value is one of predetermined and generated by a random number generator.
 19. The program storage device of claim 13, wherein the salt value and the application are associated in the table entry.
 20. The program storage device of claim 13, wherein one of a secure hash algorithm (SHA-1) and a message digest (MD5) algorithm is used in instructions to cause the machine to generate the hash.
 21. The program storage device of claim 13, wherein the generated password is temporarily stored in a memory for a predetermined time period.
 22. The program storage device of claim 21, wherein the predetermined time period is based on platform activity.
 23. The program storage device of claim 22, wherein the platform is one of a local computer system and a networked computer system.
 24. A method comprising: receiving a user password; receiving a name of an application requiring a password; determining a correct salt value for the application; computing an application dependent password for a user, wherein the application dependent password depends on the user password and the salt value for the application; and returning the application dependent password to the application.
 25. The method of claim 24, wherein the computing of the application dependent password depends on a user name.
 26. The method of claim 25, wherein the computation of the application dependent password further includes hashing the user name, the user password, and the salt value for the application.
 27. The method of claim 25, further comprising retrieving an old password if the old password is required.
 28. The method of claim 25, wherein a strong password is used to generate a plurality of application passwords.
 29. The method of claim 24, wherein the salt value is unique for a user and an application.